Your unrestricted access to Commercial Risk, Commercial Risk Europe and Global Risk Manager will end soon.

GVNW members face more tough cyber renewals as losses mount

As German risk and insurance managers prepare to meet for the virtual annual GVNW Symposium on 9-10 September, the association’s president Alexander Mahnke has told Commercial Risk Europe that they can look forward to a more predictable and less stressful renewal round this year in most lines of business.

Last year’s renewal was a mess, with many German risk managers desperately seeking capacity at the last minute in key lines such as D&O as insurers pulled capacity with little notice or explanation, against the backdrop of huge uncertainty surrounding the impact of Covid-19 and an already rapidly hardening market.

The shift to home working because of the pandemic did not help of course, as communication on the renewal of complex and often multinational programmes was difficult. Underwriters at many of the leading insurers were also under strict instructions to walk away from often longstanding customers if they did not meet their re-underwriting requirements.

The continued and sometimes brutal hardening of the German industrial insurance market took place against the backdrop of huge uncertainty about the financial impact of the pandemic. Insurers and reinsurers knew they would take big hits on their contingency and travel lines but the situation with wider business interruption claims was unclear.

The first-quarter and half-year results published by insurers have clearly shown, however, that they have comfortably weathered the storm and are back to healthy profits as Covid-19 losses, while still difficult to predict, are rapidly falling.

The huge losses caused by the recent flooding in Germany, Belgium, Switzerland and the Netherlands – now thought likely to reach €7bn in Germany alone – will hit the third-quarter numbers. But underlying combined ratios are in much better shape than they have been for a long time, largely because of the re-underwriting.

Combined with the improved communication seen in the market as it prepares for the year-end, this should reassure GVNW members that the pain of last year’s renewal will not be repeated overall, suggested Mr Mahnke.

Cyber will, however, again be a struggle for most companies as losses continue to mount for German firms, not least because of the rapid shift to home working and an explosion in ransomware-style attacks in Germany and worldwide, as criminals try to cash in on the vulnerability brought by the new style of working.

GVNW members last year had to face up to the dual pressure of dwindling capacity and spiralling rates. Very broadly speaking, limits on offer were halved while rates shot up by double or three times. This left many German risk and insurance managers struggling to find adequate coverage for their escalating cyber risks.

Directors of German companies were left scratching their heads and wondering why their insurance managers were seemingly able to find adequate property and liability cover but not cyber and D&O. The sudden loss of cyber capacity will have been particularly baffling for market ‘outsiders’, given that only three to four years ago insurers were very aggressively marketing the product in search of a rich new vein of premium.

A recent study carried out by the Cologne-based Institute for Economic Research (Institut der Deutschen Wirtschaft (IW)) suggests that this issue with cyber capacity will again be a problem and German companies need to re double their efforts to tackle the threat at source, particularly related to home working.

The IW study states that in 2020 alone, a total of €52.5bn in damage at German companies was attributable to attacks on home offices – some €31bn more than before the pandemic.

“With coronavirus, the home office has gained in importance. This is challenging for the cybersecurity of companies, because the attack surface is increasing due to the growing number of systems connected to the company network,” states the institute.

“The intensity with which German companies have been attacked has been increasing for years. Espionage, sabotage and blackmail are now mainly taking place in the digital space and have long since exceeded analog risks in the perception of companies (Engels, 2017). The damage caused by cybercrime reaches new records every year,” continues the study.

According to a recent survey by Bitkom, the association for German digital companies, German companies reported €223.5bn in damage from data theft, industrial espionage and sabotage in 2020. This was €120.6bn more than in the previous year. The growth rate of financial losses, meanwhile, has risen from 7% to 117% since 2015, notes the IW.

One major challenge for German companies as their insurance managers prepare for cyber insurance renewals is to crack the vulnerability created by home working, says the IW.

“The fact that many companies used more employees in home offices during the pandemic contributed to the enormous increase in damage. The higher number of distributed attack points makes their own IT more vulnerable. In addition to the onsite IT solutions in the company, the numerous systems in home offices and the connections between the systems must also be protected (BSI, 2021). This results in significantly more gateways for attackers than before the coronavirus pandemic,” states the institute.

And it seems that, up until now, German companies have not been taking this threat seriously enough or investing in management and prevention of the risk.

“Despite the increased risk of attacks, only 16% of the companies surveyed by the BSI (2021) increased their IT security budget during the coronavirus crisis. Especially in view of the fact that even after the pandemic, people will increasingly work in home offices, it is imperative that companies secure their IT better. There is plenty of upward travel: currently only 38% of companies manage the security of cellphones, laptops and other mobile devices with a connection to the company network (BSI, 2021),” states the IW.

Thus, while the insurance sector really has not covered itself in glory by so aggressively marketing cyber cover and then abruptly changing tack, it has to be said that it seems that corporates are really not doing enough to tackle the problem at source, particularly given the shift in the whole working model.

GVNW members who do not want to have to admit to their CFOs that they can’t find enough cyber cover at this year-end had better get working on those risk presentations as early as possible.

The full interview with Alexander Mahnke will be published on our website shortly and lead our in-depth coverage of this year’s GVNW Symposium. To attend the virtual conference please visit: gvnw.de

Back to top button